Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/trf-4.09.1/src/tr30dat.c
Examining data/trf-4.09.1/src/tr30dat.h
Examining data/trf-4.09.1/src/trf.c
Examining data/trf-4.09.1/src/trfclean.h
Examining data/trf-4.09.1/src/trfrun.h
FINAL RESULTS:
data/trf-4.09.1/src/tr30dat.h:494:9: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf( Fptxt, format, argp );
data/trf-4.09.1/src/trf.c:98:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, usage, av[0] );
data/trf-4.09.1/src/trf.c:165:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf( usage, av[0] );
data/trf-4.09.1/src/trf.c:221:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( paramset.inputfilename, av[1] );
data/trf-4.09.1/src/trf.c:224:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( paramset.outputprefix, pname );
data/trf-4.09.1/src/trfclean.h:187:13: [4] (buffer) fscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
i = fscanf( fp, "%s %d %d %d %f %d %d %d %d %d %d %d %d %f %s",
data/trf-4.09.1/src/trfclean.h:206:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( newptr->pattern, patbuffer );
data/trf-4.09.1/src/trfclean.h:461:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( tempfile, alignmentfile );
data/trf-4.09.1/src/trfclean.h:642:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( newname, oldname );
data/trf-4.09.1/src/trfclean.h:651:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( oldext, &newname[numindex + 1] );
data/trf-4.09.1/src/trfclean.h:654:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( newext, ".%d%s", tag, oldext );
data/trf-4.09.1/src/trfclean.h:657:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &newname[numindex + 1], newext );
data/trf-4.09.1/src/trfrun.h:134:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( source, paramset.inputfilename );
data/trf-4.09.1/src/trfrun.h:135:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( prefix, paramset.outputprefix );
data/trf-4.09.1/src/trfrun.h:143:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( line, "%s not found", source );
data/trf-4.09.1/src/trfrun.h:178:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( hsequence, "Sequence: %s\n", seq.name );
data/trf-4.09.1/src/trfrun.h:196:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( destd, "%s.%s.dat", prefix, paramstring );
data/trf-4.09.1/src/trfrun.h:287:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(
data/trf-4.09.1/src/trfrun.h:323:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( desth, "%s.%s.summary.html", prefix, paramstring );
data/trf-4.09.1/src/trfrun.h:335:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( destm, "%s.%s.mask", prefix, paramstring );
data/trf-4.09.1/src/trfrun.h:348:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( destd, "%s.%s.dat", prefix, paramstring );
data/trf-4.09.1/src/trfrun.h:399:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( hsequence, "Sequence: %s\n", seq.name );
data/trf-4.09.1/src/trfrun.h:403:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( input, "%s.s%d", prefix, i );
data/trf-4.09.1/src/trfrun.h:404:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( paramset.inputfilename, input );
data/trf-4.09.1/src/trfrun.h:405:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( paramset.outputprefix, input );
data/trf-4.09.1/src/trfrun.h:499:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( outh, "%s.%s.1.html", input, paramstring );
data/trf-4.09.1/src/trfrun.h:511:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( line, "%s.%s.1.txt.html", input, paramstring );
data/trf-4.09.1/src/trfrun.h:520:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( maskstring, "%s.s%d.%s.mask", prefix, i, paramstring );
data/trf-4.09.1/src/trfrun.h:528:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( outm, "%s.s%d.%s.mask", prefix, i, paramstring );
data/trf-4.09.1/src/trfrun.h:589:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( paramset.outputfilename, desth );
data/trf-4.09.1/src/trfrun.h:696:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( htmlstring, "%s.%s.html", paramset.outputprefix, paramstring );
data/trf-4.09.1/src/trfrun.h:697:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( txtstring, "%s.%s.txt.html", paramset.outputprefix, paramstring );
data/trf-4.09.1/src/trfrun.h:698:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( datstring, "%s.%s.dat", paramset.outputprefix, paramstring );
data/trf-4.09.1/src/trfrun.h:699:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( maskstring, "%s.%s.mask", paramset.outputprefix, paramstring );
data/trf-4.09.1/src/tr30dat.c:3238:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(newptr->ref,"%d--%d,%d,%3.1f,%d,%d",
data/trf-4.09.1/src/tr30dat.h:174:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
/* */ char debugbuffer[500];
data/trf-4.09.1/src/tr30dat.h:179:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char EC[2 * ( MAXPATTERNSIZECONSTANT + 1 )];
data/trf-4.09.1/src/tr30dat.h:215:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pattern[2 * ( MAXPATTERNSIZECONSTANT + 1 )];
data/trf-4.09.1/src/tr30dat.h:347:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inputfilename[_MAX_PATH]; /* constant defined in stdlib */
data/trf-4.09.1/src/tr30dat.h:348:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outputprefix[_MAX_PATH];
data/trf-4.09.1/src/tr30dat.h:349:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outputdirectory[_MAX_PATH];
data/trf-4.09.1/src/tr30dat.h:350:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outputfilename[_MAX_PATH];
data/trf-4.09.1/src/tr30dat.h:479:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAXSEQNAMELEN];
data/trf-4.09.1/src/trf.c:202:20: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ( ( atol( optarg ) < 1 ) ) {
data/trf-4.09.1/src/trf.c:225:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
paramset.match = atoi( av[2] );
data/trf-4.09.1/src/trf.c:226:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
paramset.mismatch = atoi( av[3] );
data/trf-4.09.1/src/trf.c:227:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
paramset.indel = atoi( av[4] );
data/trf-4.09.1/src/trf.c:228:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
paramset.PM = atoi( av[5] );
data/trf-4.09.1/src/trf.c:229:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
paramset.PI = atoi( av[6] );
data/trf-4.09.1/src/trf.c:230:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
paramset.minscore = atoi( av[7] );
data/trf-4.09.1/src/trf.c:231:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
paramset.maxperiod = atoi( av[8] );
data/trf-4.09.1/src/trfclean.h:62:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hsequence[256];
data/trf-4.09.1/src/trfclean.h:63:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hparameters[256];
data/trf-4.09.1/src/trfclean.h:64:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hlength[256];
data/trf-4.09.1/src/trfclean.h:155:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char patbuffer[MAXDISTANCECONSTANT + 1000];
data/trf-4.09.1/src/trfclean.h:160:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen( datafile, "r" );
data/trf-4.09.1/src/trfclean.h:173:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( hlength, "Length: %d", Length );
data/trf-4.09.1/src/trfclean.h:450:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string1[260];
data/trf-4.09.1/src/trfclean.h:451:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string2[260];
data/trf-4.09.1/src/trfclean.h:452:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string3[260];
data/trf-4.09.1/src/trfclean.h:453:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempfile[264];
data/trf-4.09.1/src/trfclean.h:462:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat( tempfile, ".tmp" );
data/trf-4.09.1/src/trfclean.h:465:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
al_fp = fopen( alignmentfile, "r" );
data/trf-4.09.1/src/trfclean.h:471:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tmp_fp = fopen( tempfile, "w" );
data/trf-4.09.1/src/trfclean.h:525:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outfile[260];
data/trf-4.09.1/src/trfclean.h:529:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char headlns[30][200]; /* to hold the heading section of the file */
data/trf-4.09.1/src/trfclean.h:530:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200]; /* holds one line of alignment data */
data/trf-4.09.1/src/trfclean.h:555:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
al_fp = fopen( alignmentfile, "r" );
data/trf-4.09.1/src/trfclean.h:577:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out_fp = fopen( outfile, "w" );
data/trf-4.09.1/src/trfclean.h:636:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newext[20];
data/trf-4.09.1/src/trfclean.h:637:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oldext[10];
data/trf-4.09.1/src/trfclean.h:668:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outfile[260];
data/trf-4.09.1/src/trfclean.h:669:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char linkfile[260];
data/trf-4.09.1/src/trfclean.h:670:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namebuffer[260];
data/trf-4.09.1/src/trfclean.h:693:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen( outfile, "w" );
data/trf-4.09.1/src/trfclean.h:858:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen( datafile, "w" );
data/trf-4.09.1/src/trfclean.h:898:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen( maskfile, "w" );
data/trf-4.09.1/src/trfrun.h:62:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ref[45]; /* records label for linking */
data/trf-4.09.1/src/trfrun.h:125:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char source[_MAX_PATH], input[_MAX_PATH], outm[_MAX_PATH], outd[_MAX_PATH],
data/trf-4.09.1/src/trfrun.h:129:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1000];
data/trf-4.09.1/src/trfrun.h:141:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
srcfp = fopen( source, "rb" );
data/trf-4.09.1/src/trfrun.h:166:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( paramstring, "%d.%d.%d.%d.%d.%d.%d", paramset.match,
data/trf-4.09.1/src/trfrun.h:170:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( hparameters, "Parameters: %d %d %d %d %d %d %d\n", paramset.match,
data/trf-4.09.1/src/trfrun.h:179:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( hlength, "Length: %d", seq.length );
data/trf-4.09.1/src/trfrun.h:197:27: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
destdfp = fopen( destd, "w" );
data/trf-4.09.1/src/trfrun.h:286:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char maskstring[_MAX_PATH];
data/trf-4.09.1/src/trfrun.h:318:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( paramstring, "%d.%d.%d.%d.%d.%d.%d", paramset.match,
data/trf-4.09.1/src/trfrun.h:325:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
desthfp = fopen( desth, "w" );
data/trf-4.09.1/src/trfrun.h:336:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
destmfp = fopen( destm, "w" );
data/trf-4.09.1/src/trfrun.h:349:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
destdfp = fopen( destd, "w" );
data/trf-4.09.1/src/trfrun.h:400:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( hlength, "Length: %d", seq.length );
data/trf-4.09.1/src/trfrun.h:519:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char maskstring[_MAX_PATH];
data/trf-4.09.1/src/trfrun.h:529:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outmfp = fopen( outm, "r" );
data/trf-4.09.1/src/trfrun.h:603:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char htmlstring[_MAX_PATH], txtstring[_MAX_PATH], paramstring[_MAX_PATH],
data/trf-4.09.1/src/trfrun.h:637:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errmsg[255];
data/trf-4.09.1/src/trfrun.h:685:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( paramstring, "%d.%d.%d.%d.%d.%d.%d", paramset.match,
data/trf-4.09.1/src/trfrun.h:703:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
Fptxt = fopen( txtstring, "w" );
data/trf-4.09.1/src/trfrun.h:805:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(
data/trf-4.09.1/src/trfrun.h:937:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[100];
data/trf-4.09.1/src/tr30dat.c:71:29: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
void init_sm(int match, int mismatch)
data/trf-4.09.1/src/tr30dat.c:90:13: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
*currint=mismatch;
data/trf-4.09.1/src/tr30dat.c:2881:22: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
int g,x,lp,rp,match,mismatch,indel,mindistance,maxdistance;
data/trf-4.09.1/src/tr30dat.c:3123:69: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
fprintf(Fptxt,"\nMatches: %d, Mismatches: %d, Indels: %d",match, mismatch, indel);
data/trf-4.09.1/src/tr30dat.c:3125:28: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
(float)match/x, (float)mismatch/x, (float)indel/x);
data/trf-4.09.1/src/tr30dat.h:331:18: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
int mismatch;
data/trf-4.09.1/src/trf.c:281:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen( name ) - 1;
data/trf-4.09.1/src/trfclean.h:200:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *) malloc( ( strlen( patbuffer ) + 1 ) * sizeof( char ) );
data/trf-4.09.1/src/trfclean.h:564:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nextchar = getc( al_fp );
data/trf-4.09.1/src/trfclean.h:598:28: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nextchar = getc( al_fp );
data/trf-4.09.1/src/trfrun.h:167:16: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
paramset.mismatch, paramset.indel, paramset.PM, paramset.PI,
data/trf-4.09.1/src/trfrun.h:171:16: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
paramset.mismatch, paramset.indel, paramset.PM, paramset.PI,
data/trf-4.09.1/src/trfrun.h:232:58: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
seq.name, paramset.match, paramset.mismatch,
data/trf-4.09.1/src/trfrun.h:319:16: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
paramset.mismatch, paramset.indel, paramset.PM, paramset.PI,
data/trf-4.09.1/src/trfrun.h:446:58: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
seq.name, paramset.match, paramset.mismatch,
data/trf-4.09.1/src/trfrun.h:537:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
a = getc( outmfp );
data/trf-4.09.1/src/trfrun.h:669:29: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
Beta = -paramset.mismatch;
data/trf-4.09.1/src/trfrun.h:686:16: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
paramset.mismatch, paramset.indel, paramset.PM, paramset.PI,
data/trf-4.09.1/src/trfrun.h:725:36: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
paramset.match, paramset.mismatch, paramset.indel, paramset.PM,
data/trf-4.09.1/src/trfrun.h:1034:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
letter = getc( fp );
data/trf-4.09.1/src/trfrun.h:1040:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
letter = getc( fp );
data/trf-4.09.1/src/trfrun.h:1053:22: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
letter = getc( fp );
data/trf-4.09.1/src/trfrun.h:1060:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
letter = getc( fp );
data/trf-4.09.1/src/trfrun.h:1079:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
letter = getc( fp );
data/trf-4.09.1/src/trfrun.h:1140:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc( fp );
data/trf-4.09.1/src/trfrun.h:1146:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc( fp );
data/trf-4.09.1/src/trfrun.h:1162:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc( fp );
data/trf-4.09.1/src/trfrun.h:1180:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc( fp ); // get a character from file
ANALYSIS SUMMARY:
Hits = 127
Lines analyzed = 7219 in approximately 0.25 seconds (28414 lines/second)
Physical Source Lines of Code (SLOC) = 5100
Hits@level = [0] 167 [1] 28 [2] 65 [3] 0 [4] 34 [5] 0
Hits@level+ = [0+] 294 [1+] 127 [2+] 99 [3+] 34 [4+] 34 [5+] 0
Hits/KSLOC@level+ = [0+] 57.6471 [1+] 24.902 [2+] 19.4118 [3+] 6.66667 [4+] 6.66667 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.